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DETAILED ACTION 

Response to Amendment 

1. Applicant's amendment filed 25 September 2008 amends claim 1. Claim 15 has been 
cancelled. Claims 17-28 have been added. Applicant's amendment has been fully considered and 
entered. 

Response to Arguments 

2. Applicant's arguments with respect to claims have been considered but are moot in view 
of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

4. Claims 26-28 are rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

5. Claims 26-28 recites the limitation "the datagram". There is insufficient antecedent basis 
for this limitation in the claim. 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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7. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. I, 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 

8. Claims 1-4, 23-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Baugher, The Secure Real-Time Transport Protocol, in view of Minhazuddin, U.S. Publication 
No. 2004/0073641, and in further view of Devine, U.S. Patent No. 6,606,708. Referring to 
claims 1, 23-25, Baugher discloses the secure real-time transport protocol wherein a sender 
transmits encrypted SRTP packets to a receiver (Page 10). The receiver receives the encrypted 
packets (Page 10), which meets the limitation of receiving from a plurality of sending clients an 
encrypted media packet using Real-time Transport protocol (RTP) message format at a media- 
relay server, the encrypted media packet being sent to the destination address and the destination 
port, wherein a plurality of sending clients send media packets to the destination address and the 
destination port. The cryptographic context id included in the packet header (Figure 1) uniquely 
identifies the cryptographic information required to process the packet (Page 6, 3.2 & Page 9), 
which meets the limitation of establishing a plurality of security associations (SAs) for dialogs 
between sending clients and receiving clients, each SA including source information of a sending 
client and an indication of a receiving client, determining whether a sending client's Security 
Association (SA) exists using the sender's source information receiving with the media packet. If 
a valid cryptographic context cannot be found the packet is dropped (Page 9), which meets the 
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limitation of if no SA exists, dropping the media packet. If the receiver determines the 
cryptographic context used (Page 10, step 1), the packet is decrypted (Page 11, step 6), which 
meets the limitation of if a SA does exist, decrypting the media packet. Baugher does not 
disclose that the encrypted packets are received and decrypted at a server. Minhazuddin discloses 
session monitor that receives RTP packets for a network (Figure 2, 224). It would have been 
obvious to one of ordinary skill in the art at the time the invention was made to have the 
encrypted packets, of Baugher, be received and processed by a network monitor, such as the 
session monitor in Minhazuddin, in order to provide the network with a means of determining 
network problems while providing instantaneous troubleshooting as taught by Minhazuddin 
([0009]). Baugher further does not describe comparing the SSRC of the decrypted packet to a 
stored SSRC associated with the session. Minhazuddin discloses that the session monitor 
compares the SSRC of received packets to SSRCs associated with current sessions, and if they 
do not match, the packet is not accepted (i.e. dropped)([0039]-[0040]), which meets the 
limitation of obtaining a SSRC from the SA, comparing the SSRC identifier included in the RTP 
packet with the SSRC obtained from the SA, if the SSRC included in the RTP packet does not 
match the SSRC obtained from the SA, dropping the media packet, and if the SSRC in the RTP 
packet matches to the SSRC obtained from the SA, forwarding the packet to a receiving client 
indicated in the SA based on the sender's source information. It would have been obvious to one 
of ordinary skill in the art at the time the invention was made to have the SSRC of the decrypted 
SRTP packets in Baugher be compared with SSRC associated with the sessions in a session 
monitor in order to confirm that the user of the end point is a legitimate requester by confirming 
that the session id represents an active session as taught by Minhazuddin ([0040]). Furthermore, 
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this comparison would occur after the packet has been decrypted because the SSRC in the 
encrypted packet of Baugher is included in the encrypted section of the packet (Page 14, Figure 
2). Minhazuddin does not disclose that the session monitor server exists in a DMZ. Devine 
discloses utilizing servers in a DMZ connected between an internal and external firewall (Figs. 
4-5), which meets the limitation of a single destination address and a single destination port of a 
firewall, the media-relay server is connected to a external firewall through which encrypted 
packets are received from sending clients and an internal firewall through which decrypted 
packets are forwarded to receiving clients. It would have been obvious to one of ordinary skill in 
the art at the time the invention was made for the session monitor of Minhazuddin to be 
implemented in a DMZ as shown in Devine in order to prevent a direct connection between any 
external and any internal network or intranet computer as taught by Devine (Col. 22, lines 18- 
62). 

Referring to claim 2, Baugher discloses that the cryptographic context is determined 
based on the network address and port number of the sender contained in the packet header (Page 
9), which meets the limitation of the source information retrieved comprises a source Internet 
Protocol (IP) address and port number found in the RTP message format. Baugher does not 
disclose that the encrypted packets are received and decrypted at a server. Minhazuddin discloses 
session monitor that receives RTP packets for a network (Figure 2, 224). It would have been 
obvious to one of ordinary skill in the art at the time the invention was made to have the 
encrypted packets, of Baugher, be received and processed by a network monitor, such as the 
session monitor in Minhazuddin, in order to provide the network with a means of determining 
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network problems while providing instantaneous troubleshooting as taught by Minhazuddin 
([0009]). 

Referring to claims 3, 4, Baugher discloses that the data packets can represent audio or 
video data (Page 5), which meets the limitation of the media packet comprises audio/video data. 
9. Claims 17-22, 26-28 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Baugher, The Secure Real-Time Transport Protocol, in view of Minhazuddin, U.S. Publication 
No. 2004/0073641, in view of Dacosta, U.S. Patent No. 7,324,523, and further in view of 
Devine, U.S. Patent No. 6,606,708. Referring to claims 17-19, 21, 27, Baugher discloses the 
secure real-time transport protocol wherein a sender transmits encrypted SRTP packets to a 
receiver (Page 10). The receiver receives the encrypted packets (Page 10), which meets the 
limitation of receiving from each of the sending client a packet sent to the destination address 
and the destination port, an encrypted packet and source information of the sending client. The 
cryptographic context id included in the packet header (Figure 1) uniquely identifies the 
cryptographic information required to process the packet (Page 6, 3.2 & Page 9), which meets 
the limitation of for each of a plurality of sending clients, establishing a security association 
(SAs) for a dialog between the sending client and a receiving client, the security association 
including an encryption key for decrypting packets sent from the sending client to the receiving 
client via the destination address and the destination port, a synchronization source identifier that 
uniquely identifies the sending client within the dialog, source information of the sending client, 
and an indication of the receiving client, the source information is a synchronization source 
identifier. If a valid cryptographic context cannot be found the packet is dropped (Page 9), which 
meets the limitation upon receiving the packet, when no security association has been established 
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that includes the source information of the received packet, dropping the encrypted packet. If the 
receiver determines the cryptographic context used (Page 10, step 1), the packet is decrypted 
(Page 11, step 6), which meets the limitation of when a security association has been established 
that includes the source information of the received packet, decrypting the encrypted packet 
using the encryption key of the established security association. Baugher does not disclose that 
the encrypted packets are received and decrypted at a server. Minhazuddin discloses session 
monitor that receives RTP packets for a network (Figure 2, 224). It would have been obvious to 
one of ordinary skill in the art at the time the invention was made to have the encrypted packets, 
of Baugher, be received and processed by a network monitor, such as the session monitor in 
Minhazuddin, in order to provide the network with a means of determining network problems 
while providing instantaneous troubleshooting as taught by Minhazuddin ([0009]). Baugher 
further does not describe comparing the SSRC of the decrypted packet to a stored SSRC 
associated with the session. Minhazuddin discloses that the session monitor compares the SSRC 
of received packets to SSRCs associated with current sessions, and if they do not match, the 
packet is not accepted (i.e. dropped)([0039]-[0040]), which meets the limitation of obtaining a 
SSRC from the SA, comparing the SSRC identifier included in the RTP packet with the SSRC 
obtained from the SA, if the SSRC included in the RTP packet does not match the SSRC 
obtained from the SA, dropping the media packet, and if the SSRC in the RTP packet matches to 
the SSRC obtained from the SA, forwarding the packet to a receiving client indicated in the SA 
based on the sender's source information. It would have been obvious to one of ordinary skill in 
the art at the time the invention was made to have the SSRC of the decrypted SRTP packets in 
Baugher be compared with SSRC associated with the sessions in a session monitor in order to 
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confirm that the user of the end point is a legitimate requester by confirming that the session id 
represents an active session as taught by Minhazuddin ([0040]). Furthermore, this comparison 
would occur after the packet has been decrypted because the SSRC in the encrypted packet of 
Baugher is included in the encrypted section of the packet (Page 14, Figure 2). Baugher does not 
specify utilizing UDP, which creates datagrams for the packets, to communicate the SRTP data. 
However, it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to utilize the UDP protocol to communication the SRTP data of Baugher because RTP 
delivers delay-sensitive information and UDP provides the ability to transmit delay-sensitive 
information as taught by Dacosta (Col. 2, lines 35-48). Minhazuddin does not disclose that the 
session monitor server exists in a DMZ. Devine discloses utilizing servers in a DMZ connected 
between an internal and external firewall (Figs. 4-5), which meets the limitation of a single 
destination address and a single destination port of a firewall, the media-relay server is connected 
to a external firewall through which datagrams are received from sending clients and an internal 
firewall through which packets are forwarded to receiving clients. It would have been obvious to 
one of ordinary skill in the art at the time the invention was made for the session monitor of 
Minhazuddin to be implemented in a DMZ as shown in Devine in order to prevent a direct 
connection between any external and any internal network or intranet computer as taught by 
Devine (Col. 22, lines 18-62). 

Referring to claims 20, 26, source address and source port information in a datagram is 
inherent to the UDP protocol. It would have been obvious to one of ordinary skill in the art at the 
time the invention was made to utilize the UDP protocol to communication the SRTP data of 



Application/Control Number: 10/792,349 Page 9 

Art Unit: 2432 

Baugher because RTP delivers delay-sensitive information and UDP provides the ability to 
transmit delay-sensitive information as taught by Dacosta (Col. 2, lines 35-48). 

Referring to claims 22, 28, Baugher discloses that only the payload is encrypted (Page 
10, section 5), which meets the limitation of the source information of the datagram is not 
encrypted. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to utilize the UDP protocol to communication the SRTP data of Baugher because RTP 
delivers delay-sensitive information and UDP provides the ability to transmit delay-sensitive 
information as taught by Dacosta (Col. 2, lines 35-48). 

Conclusion 

10. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 
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1 1 . Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to BENJAMIN E. LANIER whose telephone number is (571)272- 
3805. The examiner can normally be reached on M-Th 7:00am-5:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Benjamin E Lanier/ 

Primary Examiner, Art Unit 2432 



